The Management API allows search capabilities over the users of an Auth0 account, however, users are not directly associated with a client application, they are associated with a connection and then it’s possible to associate connections to client applications.
In addition, users group concepts can be managed either in a custom way or using the Authorization extension. In either case if the group information is then stored also at the
app_metadata level of each user then it’s possible to also include that information as part of the search criteria that the Management API would accept.
In conclusion, if user group information is available at the metadata then you will be able to search it; the client application association depends on what exactly do you mean with that. If you want to narrow down to all the users that may be able to authenticate to the client application you may consider searching by connection (restricting to connections associated with the client application). However, if you’re looking for the users that actively logged in to a client application then this may not be feasible through the Management API.